[v3,48/49] hw/i386/sev: Use guest_memfd for legacy ROMs

Message ID	20240320083945.991426-49-michael.roth@amd.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C From: Michael Roth <michael.roth@amd.com> To: <qemu-devel@nongnu.org> CC: <kvm@vger.kernel.org>, Tom Lendacky <thomas.lendacky@amd.com>, "Paolo Bonzini" <pbonzini@redhat.com>, =?utf-8?q?Daniel_P_=2E_Berrang=C3=A9?= <berrange@redhat.com>, Markus Armbruster <armbru@redhat.com>, Pankaj Gupta <pankaj.gupta@amd.com>, Xiaoyao Li <xiaoyao.li@intel.com>, Isaku Yamahata <isaku.yamahata@linux.intel.com> Subject: [PATCH v3 48/49] hw/i386/sev: Use guest_memfd for legacy ROMs Date: Wed, 20 Mar 2024 03:39:44 -0500 Message-ID: <20240320083945.991426-49-michael.roth@amd.com> In-Reply-To: <20240320083945.991426-1-michael.roth@amd.com> References: <20240320083945.991426-1-michael.roth@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Received-SPF: permerror client-ip=2a01:111:f403:2414::601; envelope-from=Michael.Roth@amd.com; helo=NAM11-BN8-obe.outbound.protection.outlook.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Series	Add AMD Secure Nested Paging (SEV-SNP) support \| expand [RFC,v3,00/49] Add AMD Secure Nested Paging (SEV-SNP) support [v3,01/49] Revert "linux-headers hack" from sevinit2 base tree [v3,02/49] scripts/update-linux-headers: Add setup_data.h to import list [v3,03/49] scripts/update-linux-headers: Add bits.h to file imports [v3,04/49,HACK] linux-headers: Update headers for 6.8 + kvm-coco-queue + SNP [v3,05/49,TEMP] hw/i386: Remove redeclaration of struct setup_data [v3,06/49] RAMBlock: Add support of KVM private guest memfd [v3,07/49] HostMem: Add mechanism to opt in kvm guest memfd via MachineState [v3,08/49] trace/kvm: Split address space and slot id in trace_kvm_set_user_memory() [v3,09/49] kvm: Enable KVM_SET_USER_MEMORY_REGION2 for memslot [v3,10/49] kvm: Introduce support for memory_attributes [v3,11/49] physmem: Introduce ram_block_discard_guest_memfd_range() [v3,12/49] kvm: handle KVM_EXIT_MEMORY_FAULT [v3,13/49,FIXUP] "kvm: handle KVM_EXIT_MEMORY_FAULT": drop qemu_host_page_size [v3,14/49] trace/kvm: Add trace for page convertion between shared and private [v3,15/49] kvm/memory: Make memory type private by default if it has guest memfd backend [v3,16/49] memory: Introduce memory_region_init_ram_guest_memfd() [v3,17/49] pci-host/q35: Move PAM initialization above SMRAM initialization [v3,18/49] q35: Introduce smm_ranges property for q35-pci-host [v3,19/49] kvm: Make kvm_convert_memory() obey ram_block_discard_is_enabled() [v3,20/49] trace/kvm: Add trace for KVM_EXIT_MEMORY_FAULT [v3,21/49] i386/sev: Introduce "sev-common" type to encapsulate common SEV state [v3,22/49] i386/sev: Introduce 'sev-snp-guest' object [v3,23/49] i386/sev: Add a sev_snp_enabled() helper [v3,24/49] target/i386: Add handling for KVM_X86_SNP_VM VM type [v3,25/49] i386/sev: Skip RAMBlock notifiers for SNP [v3,26/49] i386/sev: Skip machine-init-done notifiers for SNP [v3,27/49] i386/sev: Set ms->require_guest_memfd for SNP [v3,28/49] i386/sev: Disable SMM for SNP [v3,29/49] i386/sev: Don't disable block discarding for SNP [v3,30/49] i386/cpu: Set SEV-SNP CPUID bit when SNP enabled [v3,31/49] i386/sev: Update query-sev QAPI format to handle SEV-SNP [v3,32/49] i386/sev: Don't return launch measurements for SEV-SNP guests [v3,33/49] kvm: Make kvm_convert_memory() non-static [v3,34/49] i386/sev: Add KVM_EXIT_VMGEXIT handling for Page State Changes [v3,35/49] i386/sev: Add KVM_EXIT_VMGEXIT handling for Page State Changes (MSR-based) [v3,36/49] i386/sev: Add KVM_EXIT_VMGEXIT handling for Extended Guest Requests [v3,37/49] i386/sev: Add the SNP launch start context [v3,38/49] i386/sev: Add handling to encrypt/finalize guest launch data [v3,39/49] i386/sev: Set CPU state to protected once SNP guest payload is finalized [v3,40/49] hw/i386/sev: Add function to get SEV metadata from OVMF header [v3,41/49] i386/sev: Add support for populating OVMF metadata pages [v3,42/49] i386/sev: Add support for SNP CPUID validation [v3,43/49] qapi, i386: Move kernel-hashes to SevCommonProperties [v3,44/49] i386/sev: Extract build_kernel_loader_hashes [v3,45/49] i386/sev: Reorder struct declarations [v3,46/49] i386/sev: Allow measured direct kernel boot on SNP [v3,47/49] hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled [v3,48/49] hw/i386/sev: Use guest_memfd for legacy ROMs [v3,49/49] hw/i386: Add support for loading BIOS using guest_memfd

Message ID

20240320083945.991426-49-michael.roth@amd.com

State

New

Headers

Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
From: Michael Roth <michael.roth@amd.com>
To: <qemu-devel@nongnu.org>
CC: <kvm@vger.kernel.org>, Tom Lendacky <thomas.lendacky@amd.com>,
 "Paolo Bonzini" <pbonzini@redhat.com>,
 =?utf-8?q?Daniel_P_=2E_Berrang=C3=A9?= <berrange@redhat.com>,
 Markus Armbruster <armbru@redhat.com>, Pankaj Gupta <pankaj.gupta@amd.com>,
 Xiaoyao Li <xiaoyao.li@intel.com>,
 Isaku Yamahata <isaku.yamahata@linux.intel.com>
Subject: [PATCH v3 48/49] hw/i386/sev: Use guest_memfd for legacy ROMs
Date: Wed, 20 Mar 2024 03:39:44 -0500
Message-ID: <20240320083945.991426-49-michael.roth@amd.com>
In-Reply-To: <20240320083945.991426-1-michael.roth@amd.com>
References: <20240320083945.991426-1-michael.roth@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Mar 2024 08:56:11.7274 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 a6bbff3f-3dc2-47bf-2ea7-08dc48bb97a1
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17];
 Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 CO1PEPF000044F2.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW6PR12MB7085
Received-SPF: permerror client-ip=2a01:111:f403:2414::601;
 envelope-from=Michael.Roth@amd.com;
 helo=NAM11-BN8-obe.outbound.protection.outlook.com
X-Spam_score_int: -24
X-Spam_score: -2.5
X-Spam_bar: --
X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.422,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Series

Add AMD Secure Nested Paging (SEV-SNP) support | expand

Commit Message

Michael Roth March 20, 2024, 8:39 a.m. UTC

TODO: make this SNP-specific if TDX disables legacy ROMs in general

Current SNP guest kernels will attempt to access these regions with
with C-bit set, so guest_memfd is needed to handle that. Otherwise,
kvm_convert_memory() will fail when the guest kernel tries to access it
and QEMU attempts to call KVM_SET_MEMORY_ATTRIBUTES to set these ranges
to private.

Whether guests should actually try to access ROM regions in this way (or
need to deal with legacy ROM regions at all), is a separate issue to be
addressed on kernel side, but current SNP guest kernels will exhibit
this behavior and so this handling is needed to allow QEMU to continue
running existing SNP guest kernels.

Signed-off-by: Michael Roth <michael.roth@amd.com>
---
 hw/i386/pc.c       | 13 +++++++++----
 hw/i386/pc_sysfw.c | 13 ++++++++++---
 2 files changed, 19 insertions(+), 7 deletions(-)

Comments

Isaku Yamahata March 20, 2024, 6:12 p.m. UTC | #1

On Wed, Mar 20, 2024 at 03:39:44AM -0500,
Michael Roth <michael.roth@amd.com> wrote:

> TODO: make this SNP-specific if TDX disables legacy ROMs in general

TDX disables pc.rom, not disable isa-bios. IIRC, TDX doesn't need pc pflash.
Xiaoyao can chime in.

Thanks,

> 
> Current SNP guest kernels will attempt to access these regions with
> with C-bit set, so guest_memfd is needed to handle that. Otherwise,
> kvm_convert_memory() will fail when the guest kernel tries to access it
> and QEMU attempts to call KVM_SET_MEMORY_ATTRIBUTES to set these ranges
> to private.
> 
> Whether guests should actually try to access ROM regions in this way (or
> need to deal with legacy ROM regions at all), is a separate issue to be
> addressed on kernel side, but current SNP guest kernels will exhibit
> this behavior and so this handling is needed to allow QEMU to continue
> running existing SNP guest kernels.
> 
> Signed-off-by: Michael Roth <michael.roth@amd.com>
> ---
>  hw/i386/pc.c       | 13 +++++++++----
>  hw/i386/pc_sysfw.c | 13 ++++++++++---
>  2 files changed, 19 insertions(+), 7 deletions(-)
> 
> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> index feb7a93083..5feaeb43ee 100644
> --- a/hw/i386/pc.c
> +++ b/hw/i386/pc.c
> @@ -1011,10 +1011,15 @@ void pc_memory_init(PCMachineState *pcms,
>      pc_system_firmware_init(pcms, rom_memory);
>  
>      option_rom_mr = g_malloc(sizeof(*option_rom_mr));
> -    memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
> -                           &error_fatal);
> -    if (pcmc->pci_enabled) {
> -        memory_region_set_readonly(option_rom_mr, true);
> +    if (machine_require_guest_memfd(machine)) {
> +        memory_region_init_ram_guest_memfd(option_rom_mr, NULL, "pc.rom",
> +                                           PC_ROM_SIZE, &error_fatal);
> +    } else {
> +        memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
> +                               &error_fatal);
> +        if (pcmc->pci_enabled) {
> +            memory_region_set_readonly(option_rom_mr, true);
> +        }
>      }
>      memory_region_add_subregion_overlap(rom_memory,
>                                          PC_ROM_MIN_VGA,
> diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
> index 9dbb3f7337..850f86edd4 100644
> --- a/hw/i386/pc_sysfw.c
> +++ b/hw/i386/pc_sysfw.c
> @@ -54,8 +54,13 @@ static void pc_isa_bios_init(MemoryRegion *rom_memory,
>      /* map the last 128KB of the BIOS in ISA space */
>      isa_bios_size = MIN(flash_size, 128 * KiB);
>      isa_bios = g_malloc(sizeof(*isa_bios));
> -    memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size,
> -                           &error_fatal);
> +    if (machine_require_guest_memfd(current_machine)) {
> +        memory_region_init_ram_guest_memfd(isa_bios, NULL, "isa-bios",
> +                                           isa_bios_size, &error_fatal);
> +    } else {
> +        memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size,
> +                               &error_fatal);
> +    }
>      memory_region_add_subregion_overlap(rom_memory,
>                                          0x100000 - isa_bios_size,
>                                          isa_bios,
> @@ -68,7 +73,9 @@ static void pc_isa_bios_init(MemoryRegion *rom_memory,
>             ((uint8_t*)flash_ptr) + (flash_size - isa_bios_size),
>             isa_bios_size);
>  
> -    memory_region_set_readonly(isa_bios, true);
> +    if (!machine_require_guest_memfd(current_machine)) {
> +        memory_region_set_readonly(isa_bios, true);
> +    }
>  }
>  
>  static PFlashCFI01 *pc_pflash_create(PCMachineState *pcms,
> -- 
> 2.25.1
> 
>

Xiaoyao Li March 28, 2024, 12:45 a.m. UTC | #2

On 3/21/2024 2:12 AM, Isaku Yamahata wrote:
> On Wed, Mar 20, 2024 at 03:39:44AM -0500,
> Michael Roth <michael.roth@amd.com> wrote:
> 
>> TODO: make this SNP-specific if TDX disables legacy ROMs in general
> 
> TDX disables pc.rom, not disable isa-bios. IIRC, TDX doesn't need pc pflash.

Not TDX doesn't need pc pflash, but TDX cannot support pflash.

Can SNP support the behavior of pflash? That what's got changed will be 
synced back to OVMF file?

> Xiaoyao can chime in.
> 
> Thanks,
> 
>>
>> Current SNP guest kernels will attempt to access these regions with
>> with C-bit set, so guest_memfd is needed to handle that. Otherwise,
>> kvm_convert_memory() will fail when the guest kernel tries to access it
>> and QEMU attempts to call KVM_SET_MEMORY_ATTRIBUTES to set these ranges
>> to private.
>>
>> Whether guests should actually try to access ROM regions in this way (or
>> need to deal with legacy ROM regions at all), is a separate issue to be
>> addressed on kernel side, but current SNP guest kernels will exhibit
>> this behavior and so this handling is needed to allow QEMU to continue
>> running existing SNP guest kernels.
>>
>> Signed-off-by: Michael Roth <michael.roth@amd.com>
>> ---
>>   hw/i386/pc.c       | 13 +++++++++----
>>   hw/i386/pc_sysfw.c | 13 ++++++++++---
>>   2 files changed, 19 insertions(+), 7 deletions(-)
>>
>> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
>> index feb7a93083..5feaeb43ee 100644
>> --- a/hw/i386/pc.c
>> +++ b/hw/i386/pc.c
>> @@ -1011,10 +1011,15 @@ void pc_memory_init(PCMachineState *pcms,
>>       pc_system_firmware_init(pcms, rom_memory);
>>   
>>       option_rom_mr = g_malloc(sizeof(*option_rom_mr));
>> -    memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
>> -                           &error_fatal);
>> -    if (pcmc->pci_enabled) {
>> -        memory_region_set_readonly(option_rom_mr, true);
>> +    if (machine_require_guest_memfd(machine)) {
>> +        memory_region_init_ram_guest_memfd(option_rom_mr, NULL, "pc.rom",
>> +                                           PC_ROM_SIZE, &error_fatal);
>> +    } else {
>> +        memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
>> +                               &error_fatal);
>> +        if (pcmc->pci_enabled) {
>> +            memory_region_set_readonly(option_rom_mr, true);
>> +        }
>>       }
>>       memory_region_add_subregion_overlap(rom_memory,
>>                                           PC_ROM_MIN_VGA,
>> diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
>> index 9dbb3f7337..850f86edd4 100644
>> --- a/hw/i386/pc_sysfw.c
>> +++ b/hw/i386/pc_sysfw.c
>> @@ -54,8 +54,13 @@ static void pc_isa_bios_init(MemoryRegion *rom_memory,
>>       /* map the last 128KB of the BIOS in ISA space */
>>       isa_bios_size = MIN(flash_size, 128 * KiB);
>>       isa_bios = g_malloc(sizeof(*isa_bios));
>> -    memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size,
>> -                           &error_fatal);
>> +    if (machine_require_guest_memfd(current_machine)) {
>> +        memory_region_init_ram_guest_memfd(isa_bios, NULL, "isa-bios",
>> +                                           isa_bios_size, &error_fatal);
>> +    } else {
>> +        memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size,
>> +                               &error_fatal);
>> +    }
>>       memory_region_add_subregion_overlap(rom_memory,
>>                                           0x100000 - isa_bios_size,
>>                                           isa_bios,
>> @@ -68,7 +73,9 @@ static void pc_isa_bios_init(MemoryRegion *rom_memory,
>>              ((uint8_t*)flash_ptr) + (flash_size - isa_bios_size),
>>              isa_bios_size);
>>   
>> -    memory_region_set_readonly(isa_bios, true);
>> +    if (!machine_require_guest_memfd(current_machine)) {
>> +        memory_region_set_readonly(isa_bios, true);
>> +    }
>>   }
>>   
>>   static PFlashCFI01 *pc_pflash_create(PCMachineState *pcms,
>> -- 
>> 2.25.1
>>
>>
>

Michael Roth April 24, 2024, 12:08 a.m. UTC | #3

On Thu, Mar 28, 2024 at 08:45:03AM +0800, Xiaoyao Li wrote:
> On 3/21/2024 2:12 AM, Isaku Yamahata wrote:
> > On Wed, Mar 20, 2024 at 03:39:44AM -0500,
> > Michael Roth <michael.roth@amd.com> wrote:
> > 
> > > TODO: make this SNP-specific if TDX disables legacy ROMs in general
> > 
> > TDX disables pc.rom, not disable isa-bios. IIRC, TDX doesn't need pc pflash.
> 
> Not TDX doesn't need pc pflash, but TDX cannot support pflash.
> 
> Can SNP support the behavior of pflash? That what's got changed will be
> synced back to OVMF file?

For split OVMF files (separate FD for CODE vs. VARS) it can, but it
requires special handling in OVMF to handle MMIO to the VARS area using
direct MMIO hypercalls rather than relying on MMIO emulation. Here's the
relevant OVMF commit:

  commit 437eb3f7a8db7681afe0e6064d3a8edb12abb766
  Author: Tom Lendacky <thomas.lendacky@amd.com>
  Date:   Wed Aug 12 15:21:42 2020 -0500

      OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Bypass flash detection with SEV-ES

      BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198

For SNP, the plan is to continue to use -bios to handle the actual
CODE/BIOS FD, but to allow the use of pflash,unit=0 to handle the VARS
fd if a separate/persistent store is desired. This allows us to continue
using read-only memslots on the VARS/pflash side without being at odds
with the fact that read-only memslots are no longer supported for private
memslots (since VARS doesn't need to be measured/mapped as private), and
limiting the special handling to -bios where TDX/SNP both need private
memslots.

This is roughly how things will look with v4 of this series:

  https://github.com/AMDESE/qemu/commit/21fff075372ad25b2d09c5e416349c2b353fdb4c

I think (if needed) TDX could in theory take a similar approach with
similar modifications to OVMF and providing an option for a split CODE/VARS
variant.

-Mike

> 
> > Xiaoyao can chime in.
> > 
> > Thanks,
> > 
> > > 
> > > Current SNP guest kernels will attempt to access these regions with
> > > with C-bit set, so guest_memfd is needed to handle that. Otherwise,
> > > kvm_convert_memory() will fail when the guest kernel tries to access it
> > > and QEMU attempts to call KVM_SET_MEMORY_ATTRIBUTES to set these ranges
> > > to private.
> > > 
> > > Whether guests should actually try to access ROM regions in this way (or
> > > need to deal with legacy ROM regions at all), is a separate issue to be
> > > addressed on kernel side, but current SNP guest kernels will exhibit
> > > this behavior and so this handling is needed to allow QEMU to continue
> > > running existing SNP guest kernels.
> > > 
> > > Signed-off-by: Michael Roth <michael.roth@amd.com>
> > > ---
> > >   hw/i386/pc.c       | 13 +++++++++----
> > >   hw/i386/pc_sysfw.c | 13 ++++++++++---
> > >   2 files changed, 19 insertions(+), 7 deletions(-)
> > > 
> > > diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> > > index feb7a93083..5feaeb43ee 100644
> > > --- a/hw/i386/pc.c
> > > +++ b/hw/i386/pc.c
> > > @@ -1011,10 +1011,15 @@ void pc_memory_init(PCMachineState *pcms,
> > >       pc_system_firmware_init(pcms, rom_memory);
> > >       option_rom_mr = g_malloc(sizeof(*option_rom_mr));
> > > -    memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
> > > -                           &error_fatal);
> > > -    if (pcmc->pci_enabled) {
> > > -        memory_region_set_readonly(option_rom_mr, true);
> > > +    if (machine_require_guest_memfd(machine)) {
> > > +        memory_region_init_ram_guest_memfd(option_rom_mr, NULL, "pc.rom",
> > > +                                           PC_ROM_SIZE, &error_fatal);
> > > +    } else {
> > > +        memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
> > > +                               &error_fatal);
> > > +        if (pcmc->pci_enabled) {
> > > +            memory_region_set_readonly(option_rom_mr, true);
> > > +        }
> > >       }
> > >       memory_region_add_subregion_overlap(rom_memory,
> > >                                           PC_ROM_MIN_VGA,
> > > diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
> > > index 9dbb3f7337..850f86edd4 100644
> > > --- a/hw/i386/pc_sysfw.c
> > > +++ b/hw/i386/pc_sysfw.c
> > > @@ -54,8 +54,13 @@ static void pc_isa_bios_init(MemoryRegion *rom_memory,
> > >       /* map the last 128KB of the BIOS in ISA space */
> > >       isa_bios_size = MIN(flash_size, 128 * KiB);
> > >       isa_bios = g_malloc(sizeof(*isa_bios));
> > > -    memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size,
> > > -                           &error_fatal);
> > > +    if (machine_require_guest_memfd(current_machine)) {
> > > +        memory_region_init_ram_guest_memfd(isa_bios, NULL, "isa-bios",
> > > +                                           isa_bios_size, &error_fatal);
> > > +    } else {
> > > +        memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size,
> > > +                               &error_fatal);
> > > +    }
> > >       memory_region_add_subregion_overlap(rom_memory,
> > >                                           0x100000 - isa_bios_size,
> > >                                           isa_bios,
> > > @@ -68,7 +73,9 @@ static void pc_isa_bios_init(MemoryRegion *rom_memory,
> > >              ((uint8_t*)flash_ptr) + (flash_size - isa_bios_size),
> > >              isa_bios_size);
> > > -    memory_region_set_readonly(isa_bios, true);
> > > +    if (!machine_require_guest_memfd(current_machine)) {
> > > +        memory_region_set_readonly(isa_bios, true);
> > > +    }
> > >   }
> > >   static PFlashCFI01 *pc_pflash_create(PCMachineState *pcms,
> > > -- 
> > > 2.25.1
> > > 
> > > 
> > 
> 
>

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index feb7a93083..5feaeb43ee 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1011,10 +1011,15 @@  void pc_memory_init(PCMachineState *pcms,
     pc_system_firmware_init(pcms, rom_memory);
 
     option_rom_mr = g_malloc(sizeof(*option_rom_mr));
-    memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
-                           &error_fatal);
-    if (pcmc->pci_enabled) {
-        memory_region_set_readonly(option_rom_mr, true);
+    if (machine_require_guest_memfd(machine)) {
+        memory_region_init_ram_guest_memfd(option_rom_mr, NULL, "pc.rom",
+                                           PC_ROM_SIZE, &error_fatal);
+    } else {
+        memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
+                               &error_fatal);
+        if (pcmc->pci_enabled) {
+            memory_region_set_readonly(option_rom_mr, true);
+        }
     }
     memory_region_add_subregion_overlap(rom_memory,
                                         PC_ROM_MIN_VGA,
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 9dbb3f7337..850f86edd4 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -54,8 +54,13 @@  static void pc_isa_bios_init(MemoryRegion *rom_memory,
     /* map the last 128KB of the BIOS in ISA space */
     isa_bios_size = MIN(flash_size, 128 * KiB);
     isa_bios = g_malloc(sizeof(*isa_bios));
-    memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size,
-                           &error_fatal);
+    if (machine_require_guest_memfd(current_machine)) {
+        memory_region_init_ram_guest_memfd(isa_bios, NULL, "isa-bios",
+                                           isa_bios_size, &error_fatal);
+    } else {
+        memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size,
+                               &error_fatal);
+    }
     memory_region_add_subregion_overlap(rom_memory,
                                         0x100000 - isa_bios_size,
                                         isa_bios,
@@ -68,7 +73,9 @@  static void pc_isa_bios_init(MemoryRegion *rom_memory,
            ((uint8_t*)flash_ptr) + (flash_size - isa_bios_size),
            isa_bios_size);
 
-    memory_region_set_readonly(isa_bios, true);
+    if (!machine_require_guest_memfd(current_machine)) {
+        memory_region_set_readonly(isa_bios, true);
+    }
 }
 
 static PFlashCFI01 *pc_pflash_create(PCMachineState *pcms,

[v3,48/49] hw/i386/sev: Use guest_memfd for legacy ROMs

Commit Message

Comments

Patch